Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
<home_pw@msn.com> Sun, 28 January 2007 04:51 UTC
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HB20T-0006gI-0o; Sat, 27 Jan 2007 23:51:09 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HB20S-0006cJ-5I for tls@ietf.org; Sat, 27 Jan 2007 23:51:08 -0500
Received: from bay0-omc1-s1.bay0.hotmail.com ([65.54.246.73]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HB20Q-0004ak-Ku for tls@ietf.org; Sat, 27 Jan 2007 23:51:08 -0500
Received: from hotmail.com ([65.55.131.19]) by bay0-omc1-s1.bay0.hotmail.com with Microsoft SMTPSVC(6.0.3790.2668); Sat, 27 Jan 2007 20:51:06 -0800
Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 27 Jan 2007 20:51:05 -0800
Message-ID: <BAY126-DAV9321B955D7C0BA1A0CFF092A00@phx.gbl>
Received: from 70.142.20.165 by BAY126-DAV9.phx.gbl with DAV; Sun, 28 Jan 2007 04:51:00 +0000
X-Originating-IP: [70.142.20.165]
X-Originating-Email: [home_pw@msn.com]
X-Sender: home_pw@msn.com
From: home_pw@msn.com
To: pgut001@cs.auckland.ac.nz
References: <E1HAdBx-0004G2-00@medusa01.cs.auckland.ac.nz>
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
Date: Sat, 27 Jan 2007 20:51:00 -0800
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="iso-8859-1"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Windows Live Mail desktop 8.0.1223
X-MimeOLE: Produced By Microsoft MimeOLE V8.0.1223
X-OriginalArrivalTime: 28 Jan 2007 04:51:05.0509 (UTC) FILETIME=[EB186D50:01C74297]
X-Spam-Score: 0.2 (/)
X-Scan-Signature: 34d35111647d654d033d58d318c0d21a
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org
There has been a fair amount of support for experimental, when I look back over the thread. Assuming the authors could live with this, we could proceed, despite some clear and absolute "never-never-never votes". TLS WG could then lead the next generation of the privacy debate - moving privacy beyond black/white strong pairwise encryption claim into being a protocol for asserting "agreed limits for privacy expectations". This would enable SSL to get on with higher value transactions, and move beyond "SSL is great for $1000 e-commerce - that is assured by visa cards anyways". I know in my industry this _is_ being called for, where the transactions are generally 500,000USD or more, and involve a whole slew of regulated activities and licensed parties who required higher assurance from https RECORDS than we have addressed to date. I do think we would have to go back to basics tho. if the work item is accepted - starting with a requirement analysis and call for (competing) protocol designs - designs that can take into account wider understanding of various privacy/data-protection/data-retention regulatory regimes that must be taken into account. And, we must distinguish between TLS Evidence and TLS Authorization. The spec as-is currently is a design that says to me: "create an infrastructure that enforces mandatory data retention in the US, controlling communication capabilities at the router based on testing for "voluntary" optin to that policy regime. If the challenged party rejects the policy optin, deny communications - to show the evidence retention subpoena is being complied with". This apparent ultimate focus of the current concept (TLS Authorization) needs to be separated out of the TLS Evidence. A separate work item should be sought, to justify a place for working on TLS Authorization - a control plane protocol that clearly distinguishes itself from TLS Evidence (a data plane service). By starting with requirements, we would get back to (technical) evidence and its relationship to an enhanced privacy service, addressing such as the role of sessionid cache data retention, the new ticket data retention (and the role of MS key wrapping) and - similarly - ciphertext/cleartext data retention. Several other topics would probably need to get included. If the work item is accepted, this could be some of the underlying work that a section of the working group would need to address and reduce to issue/requirement form., Then, folks can worry about which protocol elements shall represent/control/enforce/store information, at which layer: https-v2/higgins, or TLS1.x. ----- Original Message ----- From: "Peter Gutmann" <pgut001@cs.auckland.ac.nz> To: <batyr@sympatico.ca>; <home_pw@msn.com>; <nelson@bolyard.com>; <pgut001@cs.auckland.ac.nz> Cc: <tls@ietf.org> Sent: Friday, January 26, 2007 6:21 PM Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00< > "Omirjan Batyrbaev" <batyr@sympatico.ca> writes: > >>And what it takes to be Experimental RFC? > > See http://www.ietf.org/u/ietfchair/info-exp.html, in > particular the > Guidelines section which explain the Rules section: > > # If the IETF may publish something based on this on the > standards track once > we know how well this one works, it's Experimental. This > is the typical case > of not being able to decide which protocol is "better" > before we have > experience of dealing with them from a stable > specification. Case in point: > "PGM Reliable Transport Protocol Specification" (RFC > 3208) > > # If the document contains implicit or explicit > success/failure criteria, and > it's clear that the outcome can be used as the basis for > a recommendation to > the IETF community, it's Experimental. Case in point: RFC > 1797 "Class A > Subnet Experiment" which led to RFC 1879 "Class A Subnet > Experiment Results > and Recommendations" > > Peter. > _______________________________________________ TLS mailing list TLS@lists.ietf.org https://www1.ietf.org/mailman/listinfo/tls
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Stefan Santesson
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Mark Brown
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Nelson B Bolyard
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Omirjan Batyrbaev
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Steven M. Bellovin
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… home_pw
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.
- Re: [TLS] Please discuss: draft-housley-evidence-… Peter Gutmann
- Re: [TLS] Please discuss: draft-housley-evidence-… Martin Rex
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- Re: [TLS] Please discuss: draft-housley-evidence-… Russ Housley
- RE: [TLS] Please discuss: draft-housley-evidence-… Peter Williams
- RE: [TLS] Please discuss: draft-housley-evidence-… Kemp, David P.